[isf-wifidog] AllowedURLs?
Jean-Philippe Menil
jean-philippe.menil at univ-nantes.fr
Jeu 3 Mar 15:58:14 EST 2011
Le 03/03/2011 21:07, David C. Moody a écrit :
>
> That must be a feature in a newer version? I'm using DD-WRT and if I put
> in the command you gave me nothing appears in iptables. It just skips
> over it. However if I put IP addresses they appear.
>
> Thanks for the help.
>
> On 3/3/11 2:33 PM, "Jean-Philippe Menil"
> <jean-philippe.menil at univ-nantes.fr> wrote:
>
>> Le 03/03/2011 17:50, Andrew Niemantsverdriet a écrit :
>>> David,
>>>
>>> There is not a great way to be able to do this. The best I have come
>>> up with so far is is adding rules to the global FirewallRuleSet.
>>>
>>> So if I wanted to allow example.com I would add a rule to the firewall
>>> set that looks like this:
>>> FirewallRule allow tcp port 80 to 192.0.32.10
>>>
>>> This is not ideal and gets messy when you want to allow something that
>>> uses a content delivery network as you have to list each and every IP.
>>> Google for example has 8 different IP's and if you want to try a white
>>> list something that is on that Akamai network you can pretty much
>>> forget about it.
>>>
>>>
>>> Thanks,
>>> _
>>> /-\ ndrew
>>>
>>>
>>> On Wed, Mar 2, 2011 at 2:36 PM, David C. Moody<davidm at trustholiday.com>
>>> wrote:
>>>> Is there any feature in the wifidog config, where I can set allowed
>>>> URLs?
>>>> For example, I want to allow access to my company website without
>>>> being
>>>> authorized?
>>>> I also have had trouble with https requests not being redirected to the
>>>> authentication server? They just time out. Is there anything that
>>>> can be
>>>> done about that?
>>>> Thanks,
>>>> -David
>>>>
>>>> P Go Green! Print this email only when necessary. Thank you for helping
>>>> Holiday Companies be environmentally responsible.
>>>>
>>>> _______________________________________________
>>>> WiFiDog mailing list
>>>> WiFiDog at listes.ilesansfil.org
>>>> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>>>>
>>> _______________________________________________
>>> WiFiDog mailing list
>>> WiFiDog at listes.ilesansfil.org
>>> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>> Or you can simply add the following:
>>
>> FirewallRule allow tcp port 80 to www.google.com
>>
>> iptables resolve the fqdn and append all the ip corresponding to it.
>>
>> Regards.
>> _______________________________________________
>> WiFiDog mailing list
>> WiFiDog at listes.ilesansfil.org
>> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> -----
> Go Green! Print this email only when necessary. Thank you for helping Holiday Companies be environmentally responsible.
>
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
No,
just an hack in the code.
I you want it quickly, comment the line 553 ("all_nums = 1;") in conf.c
But take care, without a test, the gateway daemon could segfault if a
bad line is parsed.
Regards.
-------------- section suivante --------------
Une pièce jointe autre que texte a été nettoyée...
Nom: jean-philippe_menil.vcf
Type: text/x-vcard
Taille: 361 octets
Desc: non disponible
URL: <http://listes.ilesansfil.org/pipermail/wifidog/attachments/20110303/30141705/attachment.vcf>
Plus d'informations sur la liste de diffusion WiFiDog